resource "alicloud_vpc" "vpc" {
  name       = "forrest"
  cidr_block = var.vpc_cidr
}

resource "alicloud_security_group" "group" {
  name        = "forrest"
  description = "forrest security"
  vpc_id      = alicloud_vpc.vpc.id
}

resource "alicloud_security_group_rule" "accept_ping_rule" {
  type              = "ingress"
  ip_protocol       = "icmp"
  policy            = "accept"
  port_range        = "-1/-1"
  priority          = 100
  security_group_id = alicloud_security_group.group.id
  cidr_ip           = "0.0.0.0/0"
  description       = "ping"
}

resource "alicloud_security_group_rule" "accept_ssh_rule" {
  type              = "ingress"
  ip_protocol       = "tcp"
  policy            = "accept"
  port_range        = "22/22"
  priority          = 100
  security_group_id = alicloud_security_group.group.id
  cidr_ip           = "0.0.0.0/0"
  description       = "ssh"
}

resource "alicloud_security_group_rule" "accept_http_rule" {
  type              = "ingress"
  ip_protocol       = "tcp"
  policy            = "accept"
  port_range        = "80/80"
  priority          = 100
  security_group_id = alicloud_security_group.group.id
  cidr_ip           = "0.0.0.0/0"
  description       = "http"
}

resource "alicloud_security_group_rule" "accept_https_rule" {
  type              = "ingress"
  ip_protocol       = "tcp"
  policy            = "accept"
  port_range        = "443/443"
  priority          = 100
  security_group_id = alicloud_security_group.group.id
  cidr_ip           = "0.0.0.0/0"
  description       = "https"
}

resource "alicloud_vswitch" "vsw" {
  name              = "forrest-vsw"
  vpc_id            = alicloud_vpc.vpc.id
  cidr_block        = var.vsw_1_cidr
  availability_zone = var.zone_1
}

resource "alicloud_eip" "eip" {
  bandwidth          = 10
}


#data "alicloud_eips" "eips_ds" {
#}
#
#resource "alicloud_eip_association" "eip_asso" {
#  allocation_id = data.alicloud_eips.eips_ds.eips.0.id
#  instance_id   = alicloud_instance.web.id
#
#  provisioner "local-exec" {
#    command = "ansible-playbook -i '${data.alicloud_eips.eips_ds.eips.0.id},' ./ansible/web.yml"
#  }
#}

